From bee8d8ea78616d516c67b47cc256804631cead8b Mon Sep 17 00:00:00 2001
From: Christian Ebner <c.ebner@proxmox.com>
Date: Fri, 17 May 2019 14:23:33 +0200
Subject: [PATCH] src/tools/xattr.rs: add functions name_store and
 security_capability

These functions allow to check if the name for xattrs/fcaps are valid.

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
 src/tools/xattr.rs | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/tools/xattr.rs b/src/tools/xattr.rs
index 21af1b56..9ee4c45b 100644
--- a/src/tools/xattr.rs
+++ b/src/tools/xattr.rs
@@ -91,3 +91,15 @@ pub fn fsetxattr_fcaps(fd: RawFd, fcaps: CaFormatFCaps) -> Result<(), nix::errno
     Ok(())
 }
 
+pub fn security_capability(name: &[u8]) -> bool {
+    name == b"security.capability"
+}
+
+pub fn name_store(name: &[u8]) -> bool {
+    if name.is_empty() { return false; }
+    if name.starts_with(b"user.") { return true; }
+    if name.starts_with(b"trusted.") { return true; }
+    if security_capability(name) { return true; }
+
+    false
+}